Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004315)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004315 advisory. A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass...

EUVD-2024-32898

Malicious code in bioql PyPI...

EUVD-2022-37254

Malicious code in bioql PyPI...

CVE-2022-34294

totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...

DNS Cache Poisoning

gVisor is vulnerable to predictable TCP/UDP source ports. The vulnerability is due to a flawed randomization mechanism in gVisor's TCP/UDP source port and header value generation, allowing attackers to predict these values...

CVE-2024-10603

Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor allowed them to be predicted by an external attacker in some circumstances...

PT-2025-1598 · Google · Gvisor

Name of the Vulnerable Software and Affected Versions: gVisor affected versions not specified Description: The issue concerns weaknesses in the generation of TCP/UDP source ports and some other header values in Google's gVisor. This allowed an external attacker to predict these values in certain...

Security Bulletin: UDP source port randomization flaw in IBM DataPower Gateway (CVE-2020-25705)

Summary IBM has addressed the CVE Vulnerability Details CVEID:CVE-2020-25705 DESCRIPTION: Linux Kernel could allow a remote attacker to bypass security restrictions, caused by a flaw in the way reply ICMP packets are limited. By sending a specially-crafted request, an attacker could exploit this...

CVE-2022-33989

dproxy-nexgen aka dproxy nexgen uses a static UDP source port selected randomly only at boot time in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...

Design/Logic Flaw

dproxy-nexgen aka dproxy nexgen uses a static UDP source port selected randomly only at boot time in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...

CVE-2022-34294

totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...

Design/Logic Flaw

totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...

CVE-2022-33989

CVE-2022-33989 concerns dproxy-nexgen (dproxy nexgen), which uses a static UDP source port that is chosen randomly only at boot for upstream DNS queries. The limited entropy enables DNS cache poisoning since traffic injection becomes easier without a fresh, per-query port randomization. Connected...

CVE-2022-34294

totd 1.5.3 uses a fixed UDP source port in upstream queries sent to DNS resolvers. This allows DNS cache poisoning because there is not enough entropy to prevent traffic injection attacks...

CVE-2021-20322

A flaw in the processing of received ICMP errors ICMP fragment needed and ICMP redirect in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest...

Oracle Linux 7 : kernel (ELSA-2021-0856)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0856 advisory. - pinctrl devicetree: Avoid taking direct reference to device name string Aristeu Rozanski 1922902 CVE-2020-0427 - pinctrl Delete an error message...

SUSE SLES15 Security Update : kernel (SUSE-SU-2020:3764-1)

The SUSE Linux Enterprise 15 SP2 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-15436: Fixed a use after free vulnerability in fs/blockdev.c which could have allowed local users to gain privileges or cause a denial of service...

nginx parsing vulnerability could allow cache poisoning attack-vulnerability warning-the black bar safety net

! Many nginx users will use Google public DNS, OpenDNS or the ISP of the the parser the parser and other parsing program instructions to configure nginx, but among these there is a big risk, the only safe option is running on the local host to a parser. I found that not only the nginx stub resolv...

SyGate 5.0 Insecure UDP Source Port Firewall Bypass Weak Default Configuration Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6684/info It has been reported that the Sygate Pro firewall permits traffic originating from UDP source port 137 or 138 by default. This may allow a remote attacker to bypass the firewall. nmap -vv -P0 -sU...

Oracle Linux 5 : dnsmasq (ELSA-2008-0789)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2008-0789 advisory. - fixes for CVE-2008-1447/CERT VU800113 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...